Difference Beween Nmap -PS And -sS

Hi All,

I was just going through man pages of nmap, but I couldn't figure out the difference between different SYN scans: -PS vs -sS.

According to man pages, both do the same thing from what I could understand, except -sS is only by root authority.

-PS vs -sS:
Code:
$ nmap -PS www.example.com

 Starting Nmap 6.47 ( http://nmap.org ) at 2015-02-22 21:25 IST
Nmap scan report for www.example.com (93.184.216.34)
Host is up (0.32s latency).
Not shown: 993 filtered ports
PORT     STATE  SERVICE
53/tcp   closed domain
80/tcp   open   http
443/tcp  open   https
554/tcp  closed rtsp
1119/tcp closed bnetgame
1755/tcp closed wms
1935/tcp closed rtmp 

# nmap -sS www.example.com

 Starting Nmap 6.47 ( http://nmap.org ) at 2015-02-22 21:25 IST
Nmap scan report for www.example.com (93.184.216.34)
Host is up (0.32s latency).
Not shown: 993 filtered ports
PORT     STATE  SERVICE
53/tcp   closed domain
80/tcp   open   http
443/tcp  open   https
554/tcp  closed rtsp
1119/tcp closed bnetgame
1755/tcp closed wms
1935/tcp closed rtmp

Nmap done: 1 IP address (1 host up) scanned in 19.33 seconds 

So how is -PS different to -sS ?

Thanks


Similar Content



Why Wont My Code Work, " SyntaX Error: Unexpected End Of File"

i have been trying to get this peice of code to work but i cant seem to get it to work.
im just starting out coding and kinda poking around in the dark to get this resolved, any help would be much appriciated, thankyou


Quote:
#!/bin/bash

echo "Would you like to scan using nmap or hping?"

read scanner

if "$scanner" = "nmap" : then

echo "Enter the starting IP address :"

read FirstIP

echo "Enter the last IP address :"

read LastIP

echo "Enter the port number you want to scan for :"

read port

nmap -sT $FirstIP-$LastIP -p $port -oG web
cat web | grep open > web1
cat web1 | cut -f2 -d ":" | cut -f1 -d "(" > web2
cat web2


elit



echo "Which IP address would you like to scan?"

read IPaddress

echo echo "What port would you like to scan for ?"

read hpingport

echo "How many packets would you like to send?"

read packets

hping3 -c $packets $IPaddress -p $hpingport > hpingscan

cat hpingscan
thankyou for any help

How To Redirect The Error Message?

I have a hostlist and there are several hosts. I want to use ssh to connect to them. I want to see whether the host is available or not by the time length of ssh takes. If it take long than 5s (which means it is not available). Then stop it, and ssh to next host. Once a host is available, then output the name of host. I previously use nmap, but the IT security told it is not allowed to install it on the desktop on campus.
Code:
    HOSTS=`cat $host_list`
    for line in $HOSTS
    do 
    ssh -o ConnectTimeout=5s $line true >> /dev/null
    RESULT=$?
    if [ $RESULT -eq 0 ]
    then
    echo $line > succeed.txt
    else
    echo $line > fail.txt
    fi
    done

The above script is all I can do.
The problem is when it is failed, I want to redirect the error message
Code:
ssh: connect to host c28-0112-05.ad.mtu.edu port 22: No route to host

. But I still get the error message.

How To Set A Time Limit Of Ssh

I have a hostlist and there are several hosts. I want to use ssh to connect to them. I want to see whether the host is available or not by the time length of ssh takes. If it take long than 5s (which means it is not available). Then stop it, and ssh to next host. Once a host is available, then output the name of host. I previously use nmap, but the IT security told it is not allowed to install it on the desktop on campus.
Code:
host_list="/home/campus27/zwang10/Desktop/cluster/program/hostlist"
HOSTS=`cat $host_list`
for line in $HOSTS
do 
timeout -5s `ssh $line`
done

The above script is all I can do.

Iptables Question

Hi,

So, I am learning meteor.js and signed up for a (cheap, i.e no support) VPS to host my Meteor app. Everything is running fine but I am trying to understand better how Linux works so here is my question:

I am running CentOS 7 on the VPS but it still uses iptables for its firewall.

I had to enable port 80 to access the web server. However, if I reboot the server, it stops working until I do
Code:
iptables -F

Then everything works. But I am thinking that -F might not be the best thing. I have changed the default SSH port from 22 to something else and that also works but I don't think I ever added it to the iptables rules.

If I do a port scan, the new SSH port is indicated as open as well as port 80 but others are closed as they are supposed to be.

Any idea what is doing on behind the scenes that requires iptables -F for the web access to work properly and if I shouldn't be doing iptables -F (I have it in the rc.local file), what is the right way of doing it?

(BTW, I am computer literate but not that familiar with Linux, which I am trying to learn now.)


Kamal

Network Injectors And Network Sniffers

Newbie question on networking he

I read an article on network tools (tcpdump, wireshark, nmap etc)

One big distinction was made between network sniffers and network injectors. Of course, I cannot find the article anymore on the internet.

A brief explanation would be more than welcome.

Linux - Snort

Hello everyone. I am attempting to get Snort to recognize a Portscan and have an alert pop up on the screen. I have successfully installed and run snort in multiple types of configurations. I have enabled the sfportscan preprocessor in my snort.conf Snort is running on Ubuntu and I am running nmap on a Kali box. Can anyone offer any insight on how to configure snort to have an alert pop up when it detects any type of portscan?

Thanks,
-Trevor

Ssh_exchange_identification: Connection Closed By Remote Host

Hi,
I try to co connect to a linux server and get following message:


Code:
me@host:~> ssh -X target -vvv
OpenSSH_5.1p1, OpenSSL 0.9.8j-fips 07 Jan 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to target [192.103.143.9] port 22.
debug1: Connection established.
debug3: Not a RSA1 key file /users/me/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /users/me/.ssh/id_rsa type 1
debug1: identity file /users/me/.ssh/id_dsa type -1
ssh_exchange_identification: Connection closed by remote host

Now I am trying to figure out what the problem is but I cannot connect to the target server. Is there any other way to connect except using ssh?
Thanx

How To Host Multiple Websites On Different Ip And Different Ports On Apache Webserver

How to host multiple websites on different ip and different ports On Apache webserver in Centos 5.4.
First I made two domain on two IP :192.168.1.104 and second virtual ip 192.168.1.105.
Open the httpd.conf file and assisn two ports and two ports
vi /etc/httpd/conf/httpd.conf
NameVirtualHost 192.168.1.104:8139
NameVirtualHost 192.168.1.105:8080
<VirtualHost 192.168.1.104:8139>
DocumnetRoot /home/xyz/
serverName xyz.in
</VirtualHost>

<VirtualHost 192.168.1.105:8080>
DocumnetRoot /home/abc/
serverName abc.in
</VirtualHost>

service httpd restart
service dns restart
First One I am getting the website opened but not the second one
Please help me .I can host the website on same ip and different port but unable to host the website on different ip and different port.
DNS is working fine

PhpVirtualBox Cannot Connect To 127.0.0.1:18083

I am using phpVirtualBox, and everything is working perfectly. Then something changes, and I get the following error:
Code:
Could not connect to host (http://127.0.0.1:18083/)

I reboot the physical machine, or execute /etc/init.d/vboxweb-service restart, and then everything works for a while.

According to http://sourceforge.net/p/phpvirtualb...onnect-to-host, there are three reasons why this will happen.
Quote:
This indicates that phpVirtualBox could not connect to the vboxwebsrv server. Either the location setting in config.php is wrong, vboxwebsrv is not running on the VirtualBox host, or SELinux is blocking access to vboxwebsrv. If you have SELinux enabled
As shown below, it is not reason 2 or 3.

Code:
[root@devserver ~]# service vboxweb-service status
Checking for VBox Web Service ...running
[root@devserver ~]# service vboxdrv status
VirtualBox kernel modules (vboxdrv, vboxnetflt, vboxnetadp, vboxpci) are loaded.
[root@devserver ~]# service vboxautostart-service status
Usage: /etc/init.d/vboxautostart-service {start|stop}
[root@devserver ~]# service  vboxballoonctrl-service status
Checking for VBox watchdog service ...not running
[root@devserver ~]# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   permissive
Mode from config file:          permissive
Policy version:                 24
Policy from config file:        targeted
[root@devserver ~]#

Thus it must be that the location setting in config.php is wrong. config.php has the following default settings, and I left them as is.

Code:
/* SOAP URL of vboxwebsrv (not phpVirtualBox's URL) */
var $location = 'http://127.0.0.1:18083/';
...
// Host / ip to use for console connections
#var $consoleHost = '192.168.1.40';

According to http://sourceforge.net/p/phpvirtualb...-configuration, "If VirtualBox and phpVirtualBox are on the same physical host, you may leave the $location setting alone". VirtualBox and phpVirtualBox are definitely on the same physical machine.

Please provide recommendations.

CentOS 6 - Connection Reset By Peer Error

Hi,

I have a CentOS 6 machine [Machine X], which I connect to using a putty client or from another CentOS 6 machine.

Now, the machine X intermittently sends a connection reset message to all SSH sessions -

Code:
Read from remote host 1.1.1.1: Connection reset by peer
Connection to 1.1.1.1 closed.

I have switched off the firewall on the machine & there are no session timeout values set.

How do I find out what is causing this issue?


Thanks

Bhushan